New cybersecurity legislation cleared the Senate Intelligence Committee on Tuesday during a closed session. Critics fear it may broaden the NSA’s already formidable access to Americans’ data.

Written by Senate Intelligence Chair Dianne Feinstein (D-CA) and
Senator Saxby Chambliss (R-GA), CISA – or Cybersecurity
Information Sharing Act – is widely seen as a redux of last
year’s CISPA bill, which was widely protested by online privacy
watchdogs and ultimately defeated in Congress.

A draft of the bill circulated in June granted permission by
government agencies to retain and share data for “a
cybersecurity purpose,” which was defined as “the
purpose of protecting an information system or information that
is stored on, processed by or transiting an information system
from a cybersecurity threat or security vulnerability.”
According to the Guardian, that language would likely lead the
NSA to stockpile weaknesses in digital security.

The legislation, which was approved by the committee by a vote of
12 to 3, would allow private firms to share information regarding
cyber-attacks “in real time.” It would also shield those
firms from lawsuits by individuals against those companies for
sharing data with each other, and with the US government,
regardless of terms of service contracts that may prevent such
actions without a customer’s consent.

According to the American Civil Liberties Union, which is joined
by like-minded watchdogs such as the Electronic Frontier
Foundation in panning CISA, the legislation’s “catch-all
provisions” would seem to allow the collection of the
content of communications, rather than just malicious code.
“That's one of the biggest concerns," Gabriel Rottman,
an attorney with the ACLU, told the Guardian.

CISA now heads to the full Senate for a vote, though it faces the
hurdle of a shortened legislative calendar, as well as mounting
opposition by the same groups that prevented passage of similar
legislation over the past two years.